Inspiration

MDR/MSSP analysts waste hours reverse‑engineering public exploits. We asked: What if CVE → mitigation took under 10 seconds?


What it does

Accepts a CVE/ExploitDB ID, returns a tactical brief with:

  • Plain‑English exploit logic flow
  • Stop‑gap mitigation (WAF/Snort rules)
  • Confidence score for escalation decisions

No execution, no hallucinations.


How we built it

FastAPI + PostgreSQL (pgvector) + Ollama (Llama 3 8B) + Docker Compose.
Strict state machine ensures predictable behavior even with malformed LLM output. I'm passionate about blue team and supply chain risks, and it has been made with coding agents.


Challenges we ran into

  • LLM JSON reliability → Retry with format correction + PARTIAL_SUCCESS fallback
  • Air‑gap ready → Zero cloud dependencies, local seed script
  • Compliance → Async audit logging of every synthesis request

Accomplishments that we're proud of

✅ One‑sprint containerized MVP
✅ Resilient state machine (never crashes on bad LLM output)
✅ Full test coverage (unit + integration)
✅ Sub‑10s Time‑to‑Context on CPU


What we learned

  • Prompt engineering is a contract—treat LLM output as a typed schema
  • Async audit logging is non‑negotiable for dual‑use tools
  • Ollama on CPU is viable for sub‑50KB prompts
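The "typed schema" contract and the retry-then-PARTIAL_SUCCESS fallback described above can be sketched as follows. This is an added example, not VulnSynth's own code: the field names, the SUCCESS and FAILED states, the 0 to 1 confidence range, the retry count and the `llm` callable are assumptions.

```python
import json
from dataclasses import dataclass
from enum import Enum

# PARTIAL_SUCCESS is the page's name; SUCCESS and FAILED are assumed.
State = Enum("State", "SUCCESS PARTIAL_SUCCESS FAILED")
SCHEMA = {"logic_flow": str, "mitigation": str, "confidence": float}  # assumed fields

@dataclass
class Brief:
    state: State
    fields: dict
    attempts: int

def validate(raw):
    """Return (fields that passed, error messages) for one model reply."""
    try:
        data = json.loads(raw)
    except (TypeError, ValueError) as exc:
        return {}, [f"not valid JSON ({exc})"]
    if not isinstance(data, dict):
        return {}, ["top-level value must be a JSON object"]
    good, errors = {}, []
    for name, typ in SCHEMA.items():  # keys outside SCHEMA are dropped
        value = data.get(name)
        if typ is float and type(value) is int:  # accept 1 as 1.0, but not True
            value = float(value)
        if not isinstance(value, typ):
            errors.append(f"{name}: expected {typ.__name__}")
        elif typ is float and not 0.0 <= value <= 1.0:  # also rejects NaN
            errors.append(f"{name}: must be between 0 and 1")
        else:
            good[name] = value
    return good, errors

def synthesize(llm, prompt, max_attempts=3):
    best = {}
    for attempt in range(1, max_attempts + 1):
        good, errors = validate(llm(prompt))
        if not errors:
            return Brief(State.SUCCESS, good, attempt)
        best = good if len(good) > len(best) else best
        prompt += "\nReturn only a JSON object. Fix: " + "; ".join(errors)  # format correction
    return Brief(State.PARTIAL_SUCCESS if best else State.FAILED, best, max_attempts)

if __name__ == "__main__":  # constructed replies: truncated JSON, then a wrong type
    replies = iter(['Sure! {"logic_flow": "', '{"logic_flow": "parse, then write", "confidence": "high"}'])
    print(synthesize(lambda p: next(replies, "{}"), "Brief for CVE-PLACEHOLDER", 2))
```

Only fields that pass validation ever reach the brief, so a malformed or over-long reply degrades the result to PARTIAL_SUCCESS or FAILED instead of propagating unchecked model text.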

What's next

  • Web UI with real‑time streaming
  • Full RAG via pgvector embeddings
  • SAML/OIDC for enterprise SSO
  • Fine‑tuned security prompts

VulnSynth AI: From exploit to defense, in seconds.
